Getting Started With Scapy: Python Network Manipulation Tool

Abdou Rockikz · 28 jul 2019

Abdou Rockikz · 4 min read · Updated oct 2019 · Ethical Hacking · Packet Manipulation Using Scapy

What is Scapy

Scapy is a packet manipulation tool for computer networks written in Python. It runs natively on Linux ( as well as Mac OS X ), but the latest versions of scapy actually supports Windows out-of-the-box. So you can use nearly all of scapy's features on a Windows machine as well.

It mainly provides a Python interface into libpcap, which is a portable C/C++ library for network traffic capture.

Why Learn Scapy

Now you're maybe wondering, ok well, but why scapy specifically ?

Well, the fact is that it provides us with a lot more functionalities than any other tool or module. Here are some of its features:

  • Can craft any packet and encode it.
  • Sniffing network packets.
  • Sending valid/invalid frames.
  • Injecting your own 802.11 frames.
  • Editing network packets on the fly.
  • Scanning the network.
  • Tracerouting and probing.
  • Attacking networks.
  • Network discovery.

It can literally replace most of any penetration tester's favorite utilities such as tcpdumphping, arpspoof and some parts of tshark and nmap.

You may say now that you don't really know these tools, well if you don't, no worries. The authors of scapy designed it to be much easier for beginners, as well as powerful tool for network analysts.

Core functionalities of Scapy

As mentioned in the official documentation, scapy enables you to build exactly the packets you actually want. You are free to put any value you want in any field you want of the packet you want and stack them like you want, the authors assume that you are an adult.

Installation

Alright, enough talking, now let's dive into the installation of this amazing module.

First you are going to need Python 2.7+/3.4+ installed, if you don't have Python yet, head to python official website.

Linux

If you are a linux user, you can run scapy without libpcap, you need to install tcpdump by the following commands:

On Debian and Ubuntu:

apt-get install tcpdump

On CentOS and Fedora:

yum install tcpdump

Mac OS X

For Mac users, You may need to install libpcap first using the following commands:

brew update

brew install libpcap

Windows

In Windows, you gonna need to install npcap here .


When you finish installing these dependencies in various platforms, you can easily install scapy using the following command:

pip install scapy

Overview

There are two ways of running scapy, one is using the interactive shell and the second is to import it in python script.

Using Interactive Shell

C:\>scapy
Welcome to Scapy (2.4.0)
>>>

Using Python Script

The following lines will actually import all scapy modules, functions and variables, then we create and show an IP packet for testing purposes.

C:\>python
>>> from scapy.all import *

>>> ip = IP()
>>> ip.show()
###[ IP ]### version = 4 ihl = None tos = 0x0 len = None id = 1 flags = frag = 0 ttl = 64 proto = 0 chksum = None src = 0.0.0.0 dst = 127.0.0.1 \options \

Congratulations, you have managed to install Scapy, here are some good tutorials:

Happy Coding & Crafting ♥

Sharing is caring!


Read Also





Comment panel

   
Comment system is still in Beta, if you find any bug, please consider contacting us here.